There is only one way to eliminate risk

One common misconception about risk management that I have come up against time and time again is that once a risk is managed it has been eliminated and can be closed and removed from the risk register. This is simply not the case, as risks can evolve and change over time for any number of reasons.


CIA requirements

This is a posting I made from a discussion, on the LinkedIn Information Security Community Group, on which of Confidentiality, Availability and Integrity is most important.



Risk definitions

One of the problems that security practitioners have when discussing risk is agreeing on the terminology. My work in recent years has focussed on using widely accepted standards to underpin security recommendations.
